„Nucleus“ Initiative for SAP S/4HANA Cloud wins CSO Top 50 award
SAP is an innovation company, successfully ensuring our customers are the best run using innovative products and services.
SAP’s History of Innovation
In 1972, when SAP was formed, the founders began with a vision of creating standard software for the mainframe computer. Eventually, when the client/server architecture became the backbone of the technological infrastructure SAP introduced SAP R/3 – with great success. Fast forward to the age of the internet and SAP has again innovated by connecting our customers.
Bottom Line: SAP knows how to transition to new technologies.
As SAP’s customer base grew at a rapid pace, and we needed our solutions to scale, we mastered this challenge as well. Today, SAP customers generate 87% of total global commerce and 99 of the 100 largest companies in the world are SAP customers. In over 186 countries, with over 400,000 customers globally, SAP has proven its ability to scale.
CSO Top 50 award for our SAP S/4HANA Cloud solution
Today, we are facing the challenges of transitioning from a software provider to a cloud provider – and we need to cloud-enable our solutions and scale them to support large corporations operating globally. With a large portion of SAP’s revenue attributed to our cloud business, we are mastering the technology and the scalability to operate in the cloud.
Awarded with the CSO Top 50 award for our SAP S/4HANA Cloud solution, led by Matthias Ems, Business Information Security Officer for SAP S/4HANA, our company has demonstrated its meeting the demands of our customers. This award recognized our Nucleus initiative, which automates the patching process for our cloud operations.
This prestigious award acknowledged two topics which are fundamental to operating and scaling a successful cloud business: Security and Automation.
“Cybersecurity is one of the biggest business priorities at SAP. Accordingly, the CSO Top 50 award that my colleague Matthias Ems and his team were presented with is a testament to the hard work our security teams put in to increase our security posture and the security of our solutions,” said Tim McKnight, SAP Chief Security Offer.
The CSO50 Awards recognize 50 security projects and initiatives that demonstrate outstanding business value and thought leadership. The CSO Hall of Fame recognizes leaders who have made significant contributions to the advancement of information risk management and security. This year, SAP was awarded both in the CSO50 Honoree and with Tim McKnight also in the CSO Hall of Fame inductee categories.
Trust in SAP
A key success factor for moving SAP customers to the cloud is trust – and our customers trust us because of the security of both our solutions and our cloud operations. To provide our customers with the best security measures on a large scale, automatization measures are a necessity.
About the Nucleus Initiative
In 2021 the SAP S/4HANA security team was exploring how to further improve the patching process for SAP’s global environment of more than 25.000 systems.
The goal was to fully automate and reduce patching cycles for operating system updates, increase adhoc capabilities, but also to increase the stability of controlling the blast radius.
SAP S/4HANA Cloud implemented a globally distributed fully automated security patching framework that deploys patches on a weekly cycle, starting from the day patches are published by the vendor.
The agentless cloud native Ansible framework sets the foundation of a scalable and flexible automation platform for all kind of security hygiene measures.
While the Vulnerability Scanning capabilities based on Tenable.io were rolled out, all related processes were evaluated as part of the Vulnerability/Patching Supply Chain. Starting with the Vendor, SAP successfully deployed and implemented the patch. The team reduced the timeline to a continuous weekly patching cycle, deploying all patches no matter what criticality they have.
The “Nucleus” provides full automation, self-healing capabilities, controlled blast radius and the capability to deploy patches within 7 days and less with the push of a button.
Beyond this the automation capabilities are fully integrated into the S/4HANA Cloud Software Lifecycle, leveraging existing downtimes enabling seamlessly integrated Security Hygiene.
With innovative security initiatives like the Nucleus project, we continue our tradition of adopting new technologies comprehensively and are able to scale them to the needs of our customers.
Thanks for sharing. Is this only available for the public edition?
I like that 😉
Great one Patrick Boch